From owner-freebsd-pf@FreeBSD.ORG  Thu Jul  7 06:55:20 2005
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E925E16A41C
	for <freebsd-pf@freebsd.org>; Thu,  7 Jul 2005 06:55:20 +0000 (GMT)
	(envelope-from maack@vittig.dk)
Received: from mail.galnet.dk (mail.galnet.dk [192.38.163.5])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9C20643D55
	for <freebsd-pf@freebsd.org>; Thu,  7 Jul 2005 06:55:19 +0000 (GMT)
	(envelope-from maack@vittig.dk)
Received: from localhost (localhost [127.0.0.1])
	by mail.galnet.dk (Postfix) with ESMTP id 7F82EB897
	for <freebsd-pf@freebsd.org>; Thu,  7 Jul 2005 08:55:18 +0200 (CEST)
Received: from mail.galnet.dk ([127.0.0.1])
	by localhost (mail.galnet.dk [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 90220-19 for <freebsd-pf@freebsd.org>;
	Thu,  7 Jul 2005 08:55:17 +0200 (CEST)
Received: from [127.0.0.1] (unknown [85.218.161.209])
	by mail.galnet.dk (Postfix) with ESMTP id B6AECB836
	for <freebsd-pf@freebsd.org>; Thu,  7 Jul 2005 08:55:17 +0200 (CEST)
Date: Thu, 07 Jul 2005 08:55:18 +0200
From: Thomas Maack Nielsen <maack@vittig.dk>
To: freebsd-pf@freebsd.org
Message-Id: <20050707084850.E93D.MAACK@vittig.dk>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.20.04 [en]
X-Virus-Scanned: by galnet.dk
Subject: freebsd 5.4 with pf nat and voip
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jul 2005 06:55:21 -0000

I have the following setup:

FreeBSD 5.4 with pf enabled.

pf works as the firewall and does the NAT to.

On the NAT side i got 2 x pc's and 2 x Grandstream 286 voip adaptors.

My NAT rule is the following: 

nat pass on $extern from $intern:network to any -> $extern

This works fine for my pc's, but not for my Grandstreams, they are setup
to use a STUN serve for easy configuration, but the tell me that I am
using symmetric NAT type, and for symmetric NAT a STUN server doesn't
work, is it possiable to change the NAT type to any other than symmetric NAT?
Or is it the STUN server detecting wrong?

Regards,

Thomas Maack Nielsen